Reputation: 2392
Can .NET provided APIs get obfuscated too?
I am considering using obfuscation for my .NET application. My question is that any of these obfuscators also obfuscates any .NET APIs that my code calls. So for example if my class calls any .NET file stream functions or socket related APIs, will they also get obfuscated?
Upvotes: 1
Views: 890
Answers (5)
Reputation: 1
Yes, actually it is called cross assembly obfuscation. It is really needed for perfect obfuscation.
Renaming of external references thus dramatically increasing the number of obfuscated constructs. Given a set of assemblies that interface each other, FxProtect will rename classes, methods and fields referenced from other assemblies uniformly. For example, if class A declared in assembly A is referenced from assembly B and FxProtect renames class A to A1, it will also rename B's external reference from A to A1.
I am using cross assembly obfuscation with FxProtect. You can try it... .NET Obfuscator
Upvotes: 0
Reputation: 5836
Yes, it is possible to obfuscate the calls to .Net APIs, Crypto Obfuscator does exactly this - it replaces method calls made to .Net APIs with proxy methods.
Before:
Application.EnableVisualStyles();
After:
A.A();
DISCLAIMER: I work at LogicNP Software, the developer of Crypto Obfuscator.
Upvotes: 3
Reputation: 108800
It's certainly possible in theory to obfuscate your calls to the .net libraries, but not the .net libraries themselves obviously.
One could replace the calls to library functions with delegate calls in many places. That'd result in a certain performance hit, and some things like ngen might be affected. And it only protects against simple reflection of your assemblies, and not when your code runs in a debugger.
Upvotes: 0
Reputation: 27962
No, the system .NET assemblies — quite naturally — won't be obfuscated. They aren't your code. Unless you try to include them among your obfuscation configuration they won't be touched. In case you do include them, you most likely will end up with a non-functioning result.
Also, people usually don't obfuscate public APIs (classes, members, …). However, in case they are public for the sake of binding within your software only, your obfuscator might be capable of obfuscating them as well.
Upvotes: 0
Reputation: 42246
Public names of classes, properties, parameters, fields and methods will not be obfuscated.
The API you expose to referencing assemblies must be public, so, the API will not be obfuscated.
Upvotes: 0
Related Questions
- How effective is obfuscation?
- Protect .NET code from reverse engineering?
- Are they obfuscated of C# code?
- Should you obfuscate a commercial .Net application?
- Is .NET code obfuscation really worth it?
- How to secure an API written in .Net
- Alternative for Obfuscation in the .NET world
- Is it possible to obfuscate raw C# source code?
- Obfuscation in .NET: how is it done how secure is it?
- Obfuscating java versus .net applications, is it pretty much the same?